; Annotated 32-bit x86 (AT&T syntax) disassembly of one compiled procedure,
; 0x298010-0x2980f6, with the compiler's own ';' notes kept verbatim.  The
; "ik_for_call" symbol and the 3-bit pointer tags suggest Ikarus-style Scheme
; runtime output - inferred from the listing, not stated in it.
; Register roles as used below (taken from the instructions, not an ABI):
;   eax = argument count on entry and at the tail jumps (negative immediates;
;         the author reads 0xfffffff0 as "4 args"), otherwise scratch
;   esp = argument frame base: arg0..arg3 at -4..-16(esp), locals below
;   edi = closure being called ("cp"); both tail jumps go through -3(%edi)
;   ebx = scratch (pair pointer), later the call target on the slow path
;   ebp = bump-allocation pointer (compared with 4(%esi), advanced by 0x10)
;   esi = base of some context block; 4(%esi) acts as the allocation limit
;         - inferred from the overflow check only
; 0x275b28, 0x275b00 and 0x275a00 are outside this listing; presumably
; error/trap handlers (bad argc, non-closure, non-pair) - TODO confirm.
;
; --- entry: argument-count check -----------------------------------------
0x00298010: cmp $0xfffffff0,%eax ;;; 4 args at -4(esp),-8(esp),-12(esp),-16(esp)
0x00298013: jne 0x275b28 ; argc != expected -> leave (target outside listing)
0x00298019: mov -4(%esp),%eax ; get arg0
0x0029801d: cmp $0x4f,%eax ; is it null ; 0x4f = null encoding (also stored at 0x298038)
0x00298020: jne 0x298048 ; if not, jump ; non-null path below
; --- arg0 is null: tail-call arg3 with null as its first argument ---------
0x00298026: mov -16(%esp),%eax ; get arg3
0x0029802a: mov %eax,%edi ; put it in edi ; edi = cp for the tail jump
0x0029802c: and $0x7,%eax ; closure? ; low 3 bits = type tag
0x0029802f: cmp $0x3,%eax ; tag 3 = closure (same test as at 0x2980d8)
0x00298032: jne 0x275b00 ; not a closure -> trap (target outside listing)
0x00298038: movl $0x4f,-4(%esp) ; put null in arg0
0x00298040: mov $0xfffffff4,%eax ; set argc
0x00298045: jmp *-3(%edi) ; tcall ; -3 presumably cancels the tag so this reads the closure's first word
; --- arg0 is non-null: must be a pair; take its car ------------------------
0x00298048: mov -4(%esp),%eax ; not null, get arg0
0x0029804c: mov %eax,%ebx ; ebx keeps the tagged pointer, eax gets the tag
0x0029804e: and $0x7,%eax
0x00298051: cmp $0x1,%eax ; tag 1 = pair (the -1 offset below is the car)
0x00298054: jne 0x275a00 ; not a pair -> trap (target outside listing)
0x0029805a: mov -1(%ebx),%eax ; take car
0x0029805d: mov %eax,-20(%esp) ; save to -20(esp) ; reloaded at 0x2980e1
; --- heap check before the 16-byte allocation at 0x2980a9 ------------------
0x00298061: cmp 4(%esi),%ebp ; check overflow
0x00298064: jl 0x2980a9 ; signed compare of two pointers; OK only while addresses stay below 2^31 - TODO confirm runtime guarantees this
; --- slow path: call the collector via ik_for_call, then resume at 0x2980a9 -
0x0029806a: movl $0x4040,-40(%esp) ; memreq -> -40(esp)
0x00298072: mov %edi,-32(%esp) ; cp -> -32(esp) ; becomes 0(esp) once esp is lowered by 32
0x00298076: mov $0x6785,%eax
0x0029807b: mov %eax,%edi ; handler -> edi
0x0029807d: add $0xffffffe0,%esp ; decrement stack by 32 ; undone at 0x2980a6
0x00298080: mov $0xfffffffc,%eax ; 4 -> argc
0x00298085: mov $0x6000,%ebx ; ik_for_call
0x0029808a: jmp 0x2980a0 ; skips the descriptor bytes 0x29808f-0x29809f listed next (offsets shown as 0x08f..0x09f, presumably)
XXXXXXXX, XXXXXXX -4(esp), -8(esp), -12(esp), -16(esp), -20(esp), -24(esp), -28(esp), -32(esp), -36(esp)
0x08f: live-mask: 0xfe 0x01
0x091: framesize: 36
0x095: ?????????: 532 = 0x214
0x099: multivalu: 0x2870488
0x09d: 0x00
0x09e: 0x00
0x09f: 0x00
; frame layout at the call site (author's notes, relative to esp *before* the -32 adjustment):
-40(esp): out0
-36(esp): my-rp
my-frame:
-32(esp): saved cp
-28(esp): junk?
-24(esp): junk?
-20(esp): saved value
-16(esp): arg3
-12(esp): arg2
-8(esp): arg1
-4(esp): arg0
0(esp): rp
0x002980a0: call *%ebx ; ebx = 0x6000 (ik_for_call); return point is 0x2980a2
0x002980a2: mov 0(%esp),%edi ; restore cp saved at 0x298072 (-32 before the adjustment = 0 after)
0x002980a6: sub $0xffffffe0,%esp ;;; no overflow ; esp += 32; the jl at 0x298064 joins at the next line
; --- allocate a 16-byte object at ebp, tag it 3 (closure tag per the checks above) -
0x002980a9: mov 5(%edi),%eax ; word at cp+5 (cp+8 untagged); presumably a free variable - TODO confirm
0x002980ac: mov %eax,4(%ebp)
0x002980af: mov -4(%esp),%eax ; arg0 -> new object word 2
0x002980b3: mov %eax,8(%ebp)
0x002980b6: mov -16(%esp),%eax ; arg3 -> new object word 3
0x002980ba: mov %eax,12(%ebp)
0x002980bd: movl $0x2957a98,0(%ebp) ; word 0 = fixed address; presumably the new closure's code pointer - TODO confirm
0x002980c4: mov %ebp,%eax
0x002980c6: add $0x10,%ebp ; bump the allocation pointer past the 4 words just written
0x002980c9: add $0x3,%eax ; tag the result with 3
0x002980cc: mov %eax,-32(%esp) ; new object reuses the "saved cp" slot; reloaded at 0x2980e9
; --- tail-call the closure held in cp's first free slot ---------------------
0x002980d0: mov 1(%edi),%eax ; word at cp+1 (cp+4 untagged)
0x002980d3: mov %eax,%edi ; edi = cp for the tail jump
0x002980d5: and $0x7,%eax
0x002980d8: cmp $0x3,%eax ; closure tag check, same trap as 0x298032
0x002980db: jne 0x275b00
0x002980e1: mov -20(%esp),%eax ; car saved at 0x29805d
0x002980e5: mov %eax,-4(%esp) ; -> arg0
0x002980e9: mov -32(%esp),%eax ; freshly allocated object
0x002980ed: mov %eax,-16(%esp) ; -> arg3 (arg1/arg2 left untouched)
0x002980f1: mov $0xfffffff0,%eax ;;; 4 tail args
0x002980f6: jmp *-3(%edi) ; tail jump; only the 3-bit tag guards this indirect transfer, as at 0x298045